{ISPP}suspect.eval.base64

False Positive Probability: medium

This Code executes code that was crypted by base64 encoding. Allthough it is commonly used by malware scripts it might also be part of non-malicious scripts encoded by obfuscating tools. Attackers can use this script to send spam emails for example.

Simplified example:

<?php
$x = 'WyJoZWxsbyJd';
eval(base64_decode($x));
?>